<?php
/* Wildcard Rules
 * SCALAR  (?) => 'original string quoted'
 * OPAQUE  (&) => 'string from file quoted'
 * MISC     (~) => original string (left 'as-is')
 * example: $prep_query = prepare("SELECT ?,? FROM ? WHERE '?' LIKE '&'", "lastname", "address", "addressbook", "lastname", "B%");
 */
function prepare() {
 /* MySQL Prepare Function
  * By: Kage (Alex)
  * KageKonjou@GMail.com
  */
 $data = func_get_args();
 $query = $data[0];
 $tokens = split("[\&\?\~]", $query);
 $preparedquery = $tokens[0];
 $count = strlen($tokens[0]);
 for ($i=1; $i<count($tokens); $i++) {
  $char = substr($query, $count, 1);
  $count += (strlen($tokens[$i])+1);
  if ($char == "&") {
   $fp = @fopen($data[$i], 'r');
   $pdata = "";
   if ($fp) {
    while (($buf = fread($fp, 4096)) != false) {
     $pdata .= $buf;
    }
    fclose($fp);
   }
  } else {
   $pdata = &$data[$i];
  }
  $preparedquery .= ($char != "~" ? mysql_escape_string($pdata) : $pdata);
  $preparedquery .= $tokens[$i];
 }
 return $preparedquery;
}
?>